Surprisingly by default JBoss EAP (at least version 5) comes with HTTPS disabled. Here is how to enable it:
- Open this file in editor: $JBOSS_HOME/server/
/deploy/jbossweb.sar/server.xml - Find section looking like the following and uncomment it:
- Note the keystorePass=”foobar” part. This defines the password you will need in the next steps. And no, it’s not foobar, you will see something else in your config file
- Run this command and answer all the questions. Use the same “foobar” password for the certificate when prompted. Since we’re building a self-signed certificate it doesn’t really matter what you’re entering, just make sure the alias
matches your web server name.
keytool -genkey -alias-keyalg RSA -keystore keystore.jks -storepass foobar -validity 1360 -keysize 2048
- After you answer all question you will find file called keystore.jks in your current directory. Copy this file to $JBOSS_HOME/server/all/conf/chap8.keystore (i.e. give the file new name)
- Restart the server
- After restart you can access your server on port 8443 (see the server.xml file configuration above to change it)
- Find section looking like the following and uncomment it:
One more note: if you see something like this:
14:59:11,400 ERROR [JSSESocketFactory] Failed to load keystore type JKS with path .../server/all/conf/chap8.keystore due to Keystore was tampered with, or password was incorrect
This most probably means the password you entered while generating the certificate doesn’t match the password in server.xml file.
